[HOW-TO] Use SSH for Server Authentication 🔓

Published by Alicia's Notes 🚀, View original

Generating a new SSH Key Pair

  1. Run ssh-keygen -t rsa -b 4096
  2. When prompted, enter a passphrase
  3. SSH keys should be stored in ~/.ssh/

Importing Public Key to Remote Machine

Option #1 - Manual Configuration

  1. SSH into remote server, with username + password
  2. cd into your /home directory, and mkdir .ssh
  3. Copy public key from local to remote machine scp ~/.ssh/my_key.pub user@0.0.0.0:/home/username/.ssh/my_key.pub
  4. Append SSH public key to authorized hosts file cat ~/.ssh/my_key.pub >> ~/.ssh/authorized_keys
  5. Set permissions for
    • the .ssh directory (read, write, execute): chmod 700 ~/.ssh/
    • and the SSH keys (read, write): chmod 600 ~/.ssh/*

Option #2 - SSH Copy ID Command

Alternatively, the SSH Copy ID command will upload your public key to the remote server and update .ssh/authorized_keys
After generating an SSH key pair, simply run ssh-copy-id user@0.0.0.0 (with your username, IP and any other SSH flags)


Disable Password Authentication

  1. Make a backup of the sshdconfig file, before modifying it `sudo cp /etc/ssh/sshdconfig.backup`
  2. Turn off password authentication
    • sudo vim /etc/ssh/sshd_config
    • Find #PasswordAuthentication yes and replace with PasswordAuthentication no
    • Save and exit
  3. Restart SSH service sudo service ssh restart

Further Links